Blogging on programming and life in general.

ASP.NET Login Authentication Problem

I was trying to create a Login page for my website in ASP.NET a couple of days ago and I was stumped that the following piece of code did not work:

private bool SiteLevelCustomAuthenticationMethod(string User, string Password)
   bool boolReturnValue = false;
   DataTable dtAuthUsers = SomeBLL.GetUsers();
   if (dtAuthUsers != null && dtAuthUsers.Rows.Count > 0)
       DataView dvAuthUsers = dtAuthUsers.DefaultView;
       foreach (DataRowView drvAuthUsers in dvAuthUsers)
            if (User == drvAuthUsers.Row["User"].ToString() && Password == drvAuthUsers.Row["Password"].ToString())
                boolReturnValue = true;
    return boolReturnValue;

protected void LoginControl_Authenticate(object sender, AuthenticateEventArgs e)
    bool Authenticated = false;
    Authenticated = SiteLevelCustomAuthenticationMethod(LoginControl.UserName, LoginControl.Password);
    e.Authenticated = Authenticated;
    if (Authenticated == true)
        FormsAuthentication.RedirectFromLoginPage(string.Format("{0}", LoginControl.UserName), false);

Now after numerous debug sessions on this code, I could not find a thing wrong with it. The correct Username and Password was getting parsed to the Database but still the 'SiteLevelCustomAuthenticationMethod' function was still returning a false.

What was causing this problem was actually quite simple (even though it had taken my a long time to solve!). Basically, in the User's table in my database had the following columns:

1) User_ID ------> DataType: int
2) Username ------> DataType: nvarchar
3) Password ------> DataType: char

Now this table look alright doesn't it? Well it isn't. The problem lies within the 'Password' column. Since this column format is 'char' with a length of 25, when you enter a password that is less than 25 characters in length a space will be added after to fill out the data length. For example, if you had a password that was 10 characters long, an extra 15 characters of spacing will be added after your password.

In order to fix this problem, I changed the Password DataType to 'nvarchar', which solved the problem. 

blog comments powered by Disqus